From 12131cddc9ba33c00d80026caa3cf586b8bcd6af Mon Sep 17 00:00:00 2001
From: Terry Chia <terrycwk1994@gmail.com>
Date: Thu, 3 Jul 2014 14:58:19 +0800
Subject: Added preference for stdlib's compare_digest to constant_time

---
 cryptography/hazmat/primitives/constant_time.py | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/cryptography/hazmat/primitives/constant_time.py b/cryptography/hazmat/primitives/constant_time.py
index 4547da13..9789851a 100644
--- a/cryptography/hazmat/primitives/constant_time.py
+++ b/cryptography/hazmat/primitives/constant_time.py
@@ -13,6 +13,7 @@
 
 from __future__ import absolute_import, division, print_function
 
+import hmac
 import sys
 
 import cffi
@@ -53,9 +54,18 @@ _lib = _ffi.verify(
     ext_package="cryptography",
 )
 
+if hasattr(hmac, "compare_digest"):
+    def bytes_eq(a, b):
+        if not isinstance(a, bytes) or not isinstance(b, bytes):
+            raise TypeError("a and b must be bytes.")
+
+        return hmac.compare_digest(a, b)
 
-def bytes_eq(a, b):
-    if not isinstance(a, bytes) or not isinstance(b, bytes):
+else:
+    def bytes_eq(a, b):
+        if not isinstance(a, bytes) or not isinstance(b, bytes):
             raise TypeError("a and b must be bytes.")
 
-    return _lib.Cryptography_constant_time_bytes_eq(a, len(a), b, len(b)) == 1
+        return _lib.Cryptography_constant_time_bytes_eq(
+            a, len(a), b, len(b)
+        ) == 1
-- 
cgit v1.2.3